The IESG has received a request from an individual submitter to consider
the following document:
- 'EAP Tunneled TLS Authentication Protocol Version 0 (EAP-TTLSv0) '
<draft-funk-eap-ttls-v0-04.txt> as an Informational RFC
The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf(_at_)ietf(_dot_)org mailing lists by 2008-04-16. Exceptionally,
comments may be sent to iesg(_at_)ietf(_dot_)org instead. In either case,
retain the beginning of the Subject line to allow automated sorting.
Some additional background is needed here.
This document is being AD sponsored to Informational RFC. The document
describes what the widely deployed EAP TTLS protocol does. The
specification should be as accurate representation of the deployed
implementations as possible, including its limitations, which in some
cases are rather severe (lack of crypto binding etc). Last call comments
are solicited in particular from people who have implemented this and
can spot deviations between implementations and this spec. Comments are
also solicited from the security community in an effort to be as
accurate about the security properties of this method as possible.
We are publishing this in an effort to document existing EAP protocol
mechanisms. Previously, a large fraction of all deployed EAP usage ran
on vendor-specific, undocumented, or poor/outdated/unstable
specifications. Many such methods were introduced prior to the adoption
of the new IANA rules in RFC 3748. At this time, high-quality standards
track specifications for EAP methods are also expected to come out of
the EMU WG. It is my belief that the EAP user community will benefit
from the documentation of both of these categories of methods.
IETF mailing list